# Allowlist Policy

## V1 Decision

Spec 375 does not introduce a committed allowlist file. The current repo scan runs with an empty allowlist and documents warnings/manual-review findings in `initial-scan-report.md`.

Future allowlist storage, if needed:

- Path: `specs/375-ui-bloat-regression-guard/artifacts/ui-bloat-allowlist.json`
- Format: JSON array of scoped entries.

## Required Entry Shape

Each future entry must contain:

- `rule_id`
- `file`
- `pattern`
- `reason`
- `surface_type`
- `audience`
- `review_marker`
- `expires_or_review_after`
- `owner_spec`

## Allowed Reasons

- Known existing debt documented in active or follow-up spec.
- False positive from collapsed technical details.
- Provider-owned or diagnostic-owned surface where the term is required.
- Temporary manual-review exception with owner and review date.

## Forbidden Patterns

- Blanket allowlist for `apps/platform/app/Filament`.
- Blanket allowlist for customer/auditor surfaces.
- Rule-wide allowlist with no file and pattern.
- Entries without owner, reason, review marker, or expiry/review date.
- Entries that hide a clear customer/auditor default-surface raw ID/internal-term leak without remediation or approved follow-up.

## Example

```json
[
  {
    "rule_id": "UIBLOAT_CUSTOMER_RAW_ID",
    "file": "apps/platform/resources/views/filament/pages/reviews/example.blade.php",
    "pattern": "operation id",
    "reason": "Appears only inside a collapsed technical details section.",
    "surface_type": "customer-auditor",
    "audience": "operator-support",
    "review_marker": "manual-review-required",
    "expires_or_review_after": "2026-09-01",
    "owner_spec": "specs/375-ui-bloat-regression-guard"
  }
]
```
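One way to enforce the required entry shape and the mechanically checkable forbidden patterns before an allowlist is accepted. This is an added example, not code from Spec 375 or the repository. The function names, the treatment of globs as "blanket" entries, the ISO date format and the flagging of past review dates are assumptions.

```python
import json
from datetime import date

REQUIRED = ("rule_id", "file", "pattern", "reason", "surface_type", "audience",
            "review_marker", "expires_or_review_after", "owner_spec")
BLANKET_ROOT = "apps/platform/app/Filament"  # named under Forbidden Patterns


def validate_entry(entry, today):
    """Return the list of policy violations for one allowlist entry."""
    if not isinstance(entry, dict):
        return ["entry is not a JSON object"]
    errors = [f"missing or empty field: {key}" for key in REQUIRED
              if not isinstance(entry.get(key), str) or not entry[key].strip()]
    path = entry.get("file")
    if isinstance(path, str) and path.strip():
        normalized = path.strip().rstrip("/")
        # Assumption: a glob or the bare Filament directory counts as "blanket".
        if any(ch in normalized for ch in "*?["):
            errors.append("file must be one concrete path, not a glob")
        if normalized == BLANKET_ROOT:
            errors.append(f"blanket allowlist for {BLANKET_ROOT}")
    raw = entry.get("expires_or_review_after")
    if isinstance(raw, str) and raw.strip():
        try:
            # Assumption: ISO dates (YYYY-MM-DD), as in the page's example entry;
            # a date already in the past is reported so the entry gets re-reviewed.
            if date.fromisoformat(raw.strip()) < today:
                errors.append("review date has passed")
        except ValueError:
            errors.append("expires_or_review_after is not YYYY-MM-DD")
    return errors


def validate_allowlist(text, today=None):
    """Validate allowlist JSON text; return {entry index: [violations]}."""
    entries = json.loads(text)
    if not isinstance(entries, list):
        return {-1: ["top level must be a JSON array of scoped entries"]}
    today = today or date.today()
    report = {i: validate_entry(e, today) for i, e in enumerate(entries)}
    return {i: errs for i, errs in report.items() if errs}


if __name__ == "__main__":
    # Constructed sample: a rule-wide entry with no file, pattern, owner or date.
    sample = '[{"rule_id": "UIBLOAT_CUSTOMER_RAW_ID", "reason": "legacy"}]'
    for index, errs in validate_allowlist(sample).items():
        print(index, errs)
```

The "blanket allowlist for customer/auditor surfaces" and "hides a clear leak" rules still need human review; this check only rejects entries that are structurally unscoped or unowned.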